• tburkhol@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    ·
    2 months ago

    Also, at least for the Yubi implementation, fixable in software, firmware >= 5.7 not vulnerable. Also not upgradeable, so replace keys if you’re worried about nation-state attacks.

    • harsh3466@lemmy.ml
      link
      fedilink
      English
      arrow-up
      7
      ·
      2 months ago

      I went into the article thinking I’d need to replace my keys, and after reading decided I’m a very unlikely target for this attack. My threat model doesn’t include nation states, so I’m gonna keep using my yubikeys for the foreseeable future.

      I have been thinking about new hardware key(s) that can handle more than 20 passkeys, but that’s not a high priority for me right now.